8 #define assertFalse(x) assert(!(x)); printf(".")
9 #define assertTrue(x) assert(x); printf(".")
10 #define assertEquals(x, y) assert(x == y); printf(".")
12 void assertStrEquals(const char *expected
, const char *given
)
14 int length
= strlen(expected
);
15 assert(strncmp(expected
, given
, length
) == 0);
22 * Definition of test function
26 http_parser_init(&parser
);
27 assertEquals(0, parser
.nread
);
33 void parse_simple_element_cb(void *_
, int type
, const char *at
, size_t length
)
36 case MONGREL_HTTP_VERSION
: assertStrEquals("HTTP/1.1", at
); break;
37 case MONGREL_REQUEST_PATH
: assertStrEquals("/", at
); break;
38 case MONGREL_REQUEST_METHOD
: assertStrEquals("GET", at
); break;
39 case MONGREL_REQUEST_URI
: assertStrEquals("/", at
); break;
41 printf("unknown: %d\n", type
);
42 assert(0 && "Got an element that we didn't expect");
46 void parse_simple_field_cb(void *_
, const char *field
, size_t flen
, const char *value
, size_t vlen
)
48 assert(0 && "Shouldn't call field_cb");
51 void parse_simple_test(void)
53 const char *simple
= "GET / HTTP/1.1\r\n\r\n";
55 http_parser_init(&parser
);
56 parser
.on_element
= parse_simple_element_cb
;
57 parser
.http_field
= parse_simple_field_cb
;
58 nread
= http_parser_execute(&parser
, simple
, strlen(simple
), 0);
59 assertEquals(nread
, strlen(simple
));
60 assertTrue(http_parser_is_finished(&parser
));
64 /** parse_dumbfuck_headers 1 **/
65 void parse_dumbfuck_element_cb(void *_
, int type
, const char *at
, size_t length
)
68 case MONGREL_HTTP_VERSION
: assertStrEquals("HTTP/1.1", at
); break;
69 case MONGREL_REQUEST_PATH
: assertStrEquals("/", at
); break;
70 case MONGREL_REQUEST_METHOD
: assertStrEquals("GET", at
); break;
71 case MONGREL_REQUEST_URI
: assertStrEquals("/", at
); break;
73 printf("unknown: %d\n", type
);
74 assert(0 && "Got an element that we didn't expect");
78 static int parse_dumbfuck_field_count
= 0;
79 void parse_dumbfuck_field_cb(void *_
, const char *field
, size_t flen
, const char *value
, size_t vlen
)
81 parse_dumbfuck_field_count
++;
82 assertStrEquals("aaaaaaaaaaaaa", field
);
83 assertStrEquals("++++++++++", value
);
84 assertEquals(1, parse_dumbfuck_field_count
);
87 void parse_dumbfuck_test(void)
89 const char *dumbfuck
= "GET / HTTP/1.1\r\naaaaaaaaaaaaa:++++++++++\r\n\r\n";
90 http_parser_init(&parser
);
91 parser
.on_element
= parse_dumbfuck_element_cb
;
92 parser
.http_field
= parse_dumbfuck_field_cb
;
93 int nread
= http_parser_execute(&parser
, dumbfuck
, strlen(dumbfuck
), 0);
94 assertEquals(nread
, strlen(dumbfuck
));
95 assertTrue(http_parser_is_finished(&parser
));
105 /** parse_dumbfuck_headers 2 **/
106 void donothing_element_cb(void *_
, int type
, const char *at
, size_t length
){;}
108 void parse_dumbfuck2_test(void)
110 const char *dumbfuck2
= "GET / HTTP/1.1\r\nX-SSL-Bullshit: -----BEGIN CERTIFICATE-----\r\n\tMIIFbTCCBFWgAwIBAgICH4cwDQYJKoZIhvcNAQEFBQAwcDELMAkGA1UEBhMCVUsx\r\n\tETAPBgNVBAoTCGVTY2llbmNlMRIwEAYDVQQLEwlBdXRob3JpdHkxCzAJBgNVBAMT\r\n\tAkNBMS0wKwYJKoZIhvcNAQkBFh5jYS1vcGVyYXRvckBncmlkLXN1cHBvcnQuYWMu\r\n\tdWswHhcNMDYwNzI3MTQxMzI4WhcNMDcwNzI3MTQxMzI4WjBbMQswCQYDVQQGEwJV\r\n\tSzERMA8GA1UEChMIZVNjaWVuY2UxEzARBgNVBAsTCk1hbmNoZXN0ZXIxCzAJBgNV\r\n\tBAcTmrsogriqMWLAk1DMRcwFQYDVQQDEw5taWNoYWVsIHBhcmQYJKoZIhvcNAQEB\r\n\tBQADggEPADCCAQoCggEBANPEQBgl1IaKdSS1TbhF3hEXSl72G9J+WC/1R64fAcEF\r\n\tW51rEyFYiIeZGx/BVzwXbeBoNUK41OK65sxGuflMo5gLflbwJtHBRIEKAfVVp3YR\r\n\tgW7cMA/s/XKgL1GEC7rQw8lIZT8RApukCGqOVHSi/F1SiFlPDxuDfmdiNzL31+sL\r\n\t0iwHDdNkGjy5pyBSB8Y79dsSJtCW/iaLB0/n8Sj7HgvvZJ7x0fr+RQjYOUUfrePP\r\n\tu2MSpFyf+9BbC/aXgaZuiCvSR+8Snv3xApQY+fULK/xY8h8Ua51iXoQ5jrgu2SqR\r\n\twgA7BUi3G8LFzMBl8FRCDYGUDy7M6QaHXx1ZWIPWNKsCAwEAAaOCAiQwggIgMAwG\r\n\tA1UdEwEB/wQCMAAwEQYJYIZIAYb4QgEBBAQDAgWgMA4GA1UdDwEB/wQEAwID6DAs\r\n\tBglghkgBhvhCAQ0EHxYdVUsgZS1TY2llbmNlIFVzZXIgQ2VydGlmaWNhdGUwHQYD\r\n\tVR0OBBYEFDTt/sf9PeMaZDHkUIldrDYMNTBZMIGaBgNVHSMEgZIwgY+AFAI4qxGj\r\n\tloCLDdMVKwiljjDastqooXSkcjBwMQswCQYDVQQGEwJVSzERMA8GA1UEChMIZVNj\r\n\taWVuY2UxEjAQBgNVBAsTCUF1dGhvcml0eTELMAkGA1UEAxMCQ0ExLTArBgkqhkiG\r\n\t9w0BCQEWHmNhLW9wZXJhdG9yQGdyaWQtc3VwcG9ydC5hYy51a4IBADApBgNVHRIE\r\n\tIjAggR5jYS1vcGVyYXRvckBncmlkLXN1cHBvcnQuYWMudWswGQYDVR0gBBIwEDAO\r\n\tBgwrBgEEAdkvAQEBAQYwPQYJYIZIAYb4QgEEBDAWLmh0dHA6Ly9jYS5ncmlkLXN1\r\n\tcHBvcnQuYWMudmT4sopwqlBWsvcHViL2NybC9jYWNybC5jcmwwPQYJYIZIAYb4QgEDBDAWLmh0\r\n\tdHA6Ly9jYS5ncmlkLXN1cHBvcnQuYWMudWsvcHViL2NybC9jYWNybC5jcmwwPwYD\r\n\tVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NhLmdyaWQt5hYy51ay9wdWIv\r\n\tY3JsL2NhY3JsLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAS/U4iiooBENGW/Hwmmd3\r\n\tXCy6Zrt08YjKCzGNjorT98g8uGsqYjSxv/hmi0qlnlHs+k/3Iobc3LjS5AMYr5L8\r\n\tUO7OSkgFFlLHQyC9JzPfmLCAugvzEbyv4Olnsr8hbxF1MbKZoQxUZtMVu29wjfXk\r\n\thTeApBv7eaKCWpSp7MCbvgzm74izKhu3vlDk9w6qVrxePfGgpKPqfHiOoGhFnbTK\r\n\twTC6o2xq5y0qZ03JonF7OJspEd3I5zKY3E+ov7/ZhW6DqT8UFvsAdjvQbXyhV8Eu\r\n\tYhixw1aKEPzNjNowuIseVogKOLXxWI5vAi5HgXdS0/ES5gDGsABo4fqovUKlgop3\r\n\tRA==\r\n\t-----END CERTIFICATE-----\r\n\r\n";
111 http_parser_init(&parser
);
112 parser
.on_element
= donothing_element_cb
;
113 parser
.http_field
= 0;
114 http_parser_execute(&parser
, dumbfuck2
, strlen(dumbfuck2
), 0);
115 assertTrue(http_parser_has_error(&parser
));
120 /** test_fragment_in_uri **/
121 void fragment_in_uri_element_cb(void *_
, int type
, const char *at
, size_t length
)
124 case MONGREL_HTTP_VERSION
: assertStrEquals("HTTP/1.1", at
); break;
125 case MONGREL_REQUEST_PATH
: assertStrEquals("/forums/1/topics/2375", at
); break;
126 case MONGREL_REQUEST_METHOD
: assertStrEquals("GET", at
); break;
127 case MONGREL_REQUEST_URI
: assertStrEquals("/forums/1/topics/2375?page=1", at
); break;
128 case MONGREL_FRAGMENT
: assertStrEquals("posts-17408", at
); break;
129 case MONGREL_QUERY_STRING
: assertStrEquals("page=1", at
); break;
131 printf("unknown: %d\n", type
);
132 assert(0 && "Got an element that we didn't expect");
136 void fragment_in_uri_test(void)
138 const char *fragment_in_uri
= "GET /forums/1/topics/2375?page=1#posts-17408 HTTP/1.1\r\n\r\n";
139 http_parser_init(&parser
);
140 parser
.on_element
= fragment_in_uri_element_cb
;
141 parser
.http_field
= 0;
142 http_parser_execute(&parser
, fragment_in_uri
, strlen(fragment_in_uri
), 0);
143 assertTrue(http_parser_is_finished(&parser
));
150 /* very bad garbage generator */
151 char *rand_data(int min
, int max
, int readable
)
154 int count
= min
+ (int)((rand()/(float)RAND_MAX
) * max
+ 1)*10;
155 char *out
= malloc(count
);
157 for(i
= 0; i
< count
; i
++) {
159 out
[i
] = ((double)rand()/RAND_MAX
)*25+'A';
161 out
[i
] = ((double)rand()/RAND_MAX
)*100+10;
168 void horrible_queries_test(void) {
170 char req
[1000 * 1024];
172 for(i
= 0; i
< 10; i
++) {
173 sprintf(req
, "GET /%s HTTP/1.1\r\nX-%s: Test\r\n\r\n"
174 , rand_data(10, 120, TRUE
)
175 , rand_data(1024, 1024+i
*1024, TRUE
)
177 http_parser_init(&parser
);
178 parser
.on_element
= donothing_element_cb
;
179 parser
.http_field
= 0;
180 http_parser_execute(&parser
, req
, strlen(req
), 0);
181 assertTrue(http_parser_has_error(&parser
));
184 /* then that large mangled field values are caught */
185 for(i
= 0; i
< 10; i
++) {
186 sprintf(req
, "GET /%s HTTP/1.1\r\nX-Test: %s\r\n\r\n"
187 , rand_data(10,120, TRUE
)
188 , rand_data(1024, 1024+(i
*1024), FALSE
)
190 http_parser_init(&parser
);
191 parser
.on_element
= donothing_element_cb
;
192 parser
.http_field
= 0;
193 http_parser_execute(&parser
, req
, strlen(req
), 0);
194 assertTrue(http_parser_has_error(&parser
));
197 /* then large headers are rejected too */
198 // # then large headers are rejected too
199 // req = "GET /#{rand_data(10,120)} HTTP/1.1\r\n"
200 // req << "X-Test: test\r\n" * (80 * 1024)
201 // assert drops_request?(req), "large headers are rejected"
204 /* finally just that random garbage gets blocked all the time */
205 for(i
= 0; i
< 10; i
++) {
206 sprintf(req
, "GET %s %s\r\n\r\n"
207 , rand_data(1024, 1024+(i
*1024), FALSE
)
208 , rand_data(1024, 1024+(i
*1024), FALSE
)
210 http_parser_init(&parser
);
211 parser
.on_element
= donothing_element_cb
;
212 parser
.http_field
= 0;
213 http_parser_execute(&parser
, req
, strlen(req
), 0);
214 assertTrue(http_parser_has_error(&parser
));
218 int main(int argc
, char *argv
[])
222 parse_dumbfuck_test();
223 parse_dumbfuck2_test();
224 fragment_in_uri_test();
225 horrible_queries_test();
227 printf("\nAll tests passed!\n");